When you are answering the Privacy Policy questionnaire, you may be asked who the user should contact to exercise their privacy rights. You are being asked this question because one or more privacy laws that apply to you require you to disclose the contact details of whom an individual should contact to exercise their privacy rights (e.g. to ask you delete or correct the personal information that you have collected about them). Please note that failure to include the appropriate contact information can result in non-compliance with the privacy laws that apply to you. 


The following privacy laws require you to disclose the following contact details in response to this question: 

  • Nevada Revised Statutes Chapter 603A (you need to comply with this privacy law if you selected that you do business in Nevada and that you collect the personal information of residents of Nevada on page 1 of the Privacy Policy questionnaire) - you will need to disclose one of the following - an email address, toll-free telephone number or a link to a web page. 
  • General Data Protection Regulation (GDPR) (you will need to comply with this privacy law if you selected that you offer goods or services to residents of the European Union or the European Economic Area or if you selected that you track the behavior of residents of the European Union or the European Economic Area on page 1 of the Privacy Policy questionnaire) - you will need to disclose at least one avenue where individuals can contact you to exercise their privacy rights (this can be an email address, phone number, link to a web page or your physical address).
  • United Kingdom's Data Protection Act 2018 (UK DPA 2018) (you will need to comply with this privacy law if you selected that you offer goods or services to residents of the United Kingdom or that you track the behavior of residents of the United Kingdom on page 1 of the Privacy Policy questionnaire) - you will need to disclose at least one avenue where individuals can contact you to exercise their privacy rights (this can be an email address, phone number, link to a web page or your physical address).
  • California Privacy Rights Act (CPRA) (you will need to comply with this privacy law if you selected that you do business in California and you selected "yes" for one of the following questions - "do you have annual gross revenue of more than $25,000,000?", "do you annually buy, receive, sell or share the personal information of 50,000 or more California consumers, households or devices?", or "do you derive 50% or more of your annual revenue from selling the personal information of California consumers?". You will also need to comply with this privacy law if you selected "yes" to the question of "do your vendors or clients require you to comply with the California Privacy Rights Act (CPRA)?". If the CPRA applies to you, and you are a business that operates exclusively online, you will need to disclose an email address where individuals can contact you to exercise their privacy rights. All other businesses must provide two contact methods, including, at a minimum, a toll-free telephone number. Businesses that sell personal information will also need to include a link to a web page where consumers can opt out of sales of their personal information.
  • Personal Information Protection and Electronic Documents Act (PIPEDA) (you need to comply with this privacy law if you selected that you collect the personal information of Canadians on page 1 of the Privacy Policy questionnaire) - you will need to disclose the name or title and contact information of the person to whom privacy requests should be sent. PIPEDA does not specify what types of contact information should be disclosed so it is up to you to determine what contact details to include (e.g. email address or phone number). 
  • Australia Privacy Act 1988 (you need to comply with this privacy law if you are not located in Australia if you selected that you collect the personal information of Australians or residents of any of the Australian external territories and that you do business in Australia or in any of the Australian external territories on page 1 of the Privacy Policy questionnaire. You need to comply with this privacy law if you are located in Australia and you selected that you collect the personal information of Australians and that you have annual gross revenue of AUD $3,000,000 or more or if you selected that "yes" to the question of "is your business any of the following?" on page 1 of the Privacy Policy questionnaire) - you will need to disclose how an individual may exercise their privacy rights. The Australia Privacy Act does not specify what types of contact details to include so it is up to you to determine what details you would like to disclose (e.g. email address or physical address).